Frightful Patch Tuesday gives admins a scare with 175+ Microsoft CVEs, 3 under attack
Spooky season is in full swing, and this extends to Microsoft's October Patch Tuesday with security updates for a frightful 175 Microsoft…
Oracles silently fixes zero-day exploit leaked by ShinyHunters
Oracle has silently fixed an Oracle E-Business Suite vulnerability (CVE-2025-61884) that was actively exploited to breach servers, with a…
Oracle releases emergency patch for new E-Business Suite flaw
Oracle has issued an emergency security update over the weekend to patch another E-Business Suite (EBS) vulnerability that can be exploited…
Harvard investigating breach linked to Oracle zero-day exploit
Harvard University is investigating a data breach after the Clop ransomware gang listed the school on its data leak site, saying the alleged…
Zero-day in file-sharing software leads to RCE, and attacks are ongoing
Security research firm Huntress is warning all users of Gladinet's CentreStack and Triofox file-sharing tools to urgently apply an available…
Google: Clop Accessed “Significant Amount” of Data in Oracle EBS Exploit
The Clop ransomware group likely began targeting Oracle E-Business Suite (EBS) instances as early as August 9, successfully exfiltrating a…
ShinyHunters Wage Broad Corporate Extortion Spree
A cybercriminal group that used voice phishing attacks to siphon more than a billion records from Salesforce customers earlier this year has…
Clop exploited Oracle zero-day for data theft since early August
The Clop ransomware gang has been exploiting a critical Oracle E-Business Suite (EBS) zero-day bug in data theft attacks since at least early…
CrowdStrike Identifies Campaign Targeting Oracle E-Business Suite via Zero-Day Vulnerability (now tracked as CVE-2025-61882)
CrowdStrike is tracking a mass exploitation campaign almost certainly leveraging a novel zero-day vulnerability — now tracked as…
Clop raid on Oracle E-Business Suite started months ago, researchers warn
Security boffins say the Clop cybercriminal gang has been rummaging through Oracle's E-Business Suite (EBS) for months – and now the…
CrowdStrike Warns of New Mass Exploitation Campaign Leveraging Oracle E-Business Suite 0-Day
A widespread campaign observed exploiting a novel zero-day vulnerability in Oracle E-Business Suite (EBS) applications, now tracked as…
NCSC: Patch Critical Oracle EBS Bug Now
Oracle E-Business Suite (EBS) customers have been urged to patch a critical vulnerability in the product, after reports that the…
Oracle patches EBS zero-day exploited in Clop data theft attacks
Oracle is warning about a critical E-Business Suite zero-day vulnerability tracked as CVE-2025-61882 that allows attackers to perform…
Clop Ransomware Targets Oracle E-Business Suite: Extortion Wave Hits Global Enterprises
A new wave of extortion attacks linked to the Clop ransomware group has recently shaken organizations using Oracle E-Business Suite (EBS),…
Cl0p-Linked Gang Attempts to Extort Oracle E-Business Customers
Cybersecurity experts are on high alert as a group claiming ties to the infamous Cl0p ransomware gang is bombarding companies with emails that…
Oracle links Clop extortion attacks to July 2025 vulnerabilities
Oracle has linked an ongoing extortion campaign claimed by the Clop ransomware gang to E-Business Suite (EBS) vulnerabilities that were…
Hackers Target Unpatched Flaws in Oracle E-Business Suite
Oracle has advised customers that hackers may be exploiting vulnerabilities in unpatched instances of its E-Business Suite (EBS). This follows…
Extortion Emails Sent to Executives by Self-Proclaimed Clop Gang Member
An individual or group of people claiming to be working with the Clop ransomware has been sending extortion emails to executives at several…
Clop extortion emails claim theft of Oracle E-Business Suite data
Mandiant and Google are tracking a new extortion campaign where executives at multiple companies received emails claiming that sensitive data…
Fortra warns of max severity flaw in GoAnywhere MFT’s License Servlet
Fortra has released security updates to patch a maximum severity vulnerability in GoAnywhere MFT's License Servlet that can be exploited in…
UK arrests 'Scattered Spider' teens linked to Transport for London hack
Two teenagers, believed to be linked to the August 2024 cyberattack on Transport for London, have been arrested in the United Kingdom.…